Lucene search
K

5 matches found

CVE
CVE
added 2025/07/16 2:4 p.m.17 views

CVE-2025-40919

The CVE-2025-40919 entry concerns Authen::DigestMD5 for Perl, affecting versions 0.01–0.02. The vulnerability stems from generating the cnonce with an MD5 hash of the PID, epoch time, and Perl’s rand(), which can yield low-entropy values (PID from a small set and potentially guessable epoch time)...

6.5CVSS6.5AI score0.00275EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/16 2:4 p.m.12 views

CVE-2025-40919 Authen::DigestMD5 versions 0.01 through 0.04 for Perl generate the cnonce insecurely

Authen::DigestMD5 versions 0.01 through 0.02 for Perl generate the cnonce insecurely. The cnonce client nonce is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not...

7.2AI score0.00275EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/16 2:4 p.m.17 views

CVE-2025-40919 Authen::DigestMD5 versions 0.01 through 0.04 for Perl generate the cnonce insecurely

Authen::DigestMD5 versions 0.01 through 0.02 for Perl generate the cnonce insecurely. The cnonce client nonce is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not...

0.00275EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.5 views

PT-2025-29832 · Unknown · Authen::Digestmd5

Name of the Vulnerable Software and Affected Versions: Authen::DigestMD5 versions 0.01 through 0.02 Description: The cnonce client nonce is generated insecurely using an MD5 hash of the PID, the epoch time, and the built-in rand function. The PID originates from a limited set of numbers, and the...

6.5CVSS6.1AI score0.00275EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.7 views

Authen::DigestMD5 安全漏洞

Authen::DigestMD5 is a module in the Perl language from the Perl community. A security vulnerability exists in Authen::DigestMD5 versions 0.01 through 0.02, which stems from insecure cnonce generation...

6.5CVSS6.8AI score0.00275EPSS
Exploits0References3
Rows per page
Query Builder